Merge branch 'no-default-vpc'

BBVA · Mar 13, 2019 · 858e7aa · 858e7aa
2 parents a701e12 + ccc0e2e
commit 858e7aa
Show file tree

Hide file tree

Showing 5 changed files with 126 additions and 28 deletions.
diff --git a/deploy/aws/main.tf b/deploy/aws/main.tf
@@ -47,7 +47,7 @@ module "qed" {
   iam_instance_profile   = "${aws_iam_instance_profile.qed-profile.name}"
   volume_size            = "20"
   vpc_security_group_ids = "${module.security_group.this_security_group_id}"
-  subnet_id              = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id              = "${aws_subnet.qed.id}"
   key_name               = "${aws_key_pair.qed.key_name}"
   key_path               = "${var.keypath}"
 }
@@ -60,7 +60,7 @@ module "inmemory-storage" {
   iam_instance_profile   = "${aws_iam_instance_profile.qed-profile.name}"
   volume_size            = "20"
   vpc_security_group_ids = "${module.security_group.this_security_group_id}"
-  subnet_id              = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id              = "${aws_subnet.qed.id}"
   key_name               = "${aws_key_pair.qed.key_name}"
   key_path               = "${var.keypath}"
 }
@@ -75,7 +75,7 @@ module "agent-publisher" {
   iam_instance_profile   = "${aws_iam_instance_profile.qed-profile.name}"
   volume_size            = "20"
   vpc_security_group_ids = "${module.security_group.this_security_group_id}"
-  subnet_id              = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id              = "${aws_subnet.qed.id}"
   key_name               = "${aws_key_pair.qed.key_name}"
   key_path               = "${var.keypath}"
 }
@@ -90,7 +90,7 @@ module "agent-monitor" {
   iam_instance_profile   = "${aws_iam_instance_profile.qed-profile.name}"
   volume_size            = "20"
   vpc_security_group_ids = "${module.security_group.this_security_group_id}"
-  subnet_id              = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id              = "${aws_subnet.qed.id}"
   key_name               = "${aws_key_pair.qed.key_name}"
   key_path               = "${var.keypath}"
 }
@@ -105,7 +105,7 @@ module "agent-auditor" {
   iam_instance_profile   = "${aws_iam_instance_profile.qed-profile.name}"
   volume_size            = "20"
   vpc_security_group_ids = "${module.security_group.this_security_group_id}"
-  subnet_id              = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id              = "${aws_subnet.qed.id}"
   key_name               = "${aws_key_pair.qed.key_name}"
   key_path               = "${var.keypath}"
 }
@@ -117,7 +117,7 @@ module "prometheus" {
   iam_instance_profile   = "${aws_iam_instance_profile.qed-profile.name}"
   volume_size            = "20"
   vpc_security_group_ids = "${module.prometheus_security_group.this_security_group_id}"
-  subnet_id              = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id              = "${aws_subnet.qed.id}"
   key_name               = "${aws_key_pair.qed.key_name}"
   key_path               = "${var.keypath}"
 }
@@ -129,7 +129,7 @@ module "riot" {
   iam_instance_profile   = "${aws_iam_instance_profile.qed-profile.name}"
   volume_size            = "20"
   vpc_security_group_ids = "${module.security_group.this_security_group_id}"
-  subnet_id              = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id              = "${aws_subnet.qed.id}"
   key_name               = "${aws_key_pair.qed.key_name}"
   key_path               = "${var.keypath}"
   endpoint               = "${module.qed.private_ip[0]}"

diff --git a/deploy/aws/network.tf b/deploy/aws/network.tf
@@ -18,26 +18,65 @@ data "http" "ip" {
   url = "http://icanhazip.com"
 }
 
-data "aws_vpc" "default" {
-  default = true
+resource "aws_vpc" "qed" {
+  enable_dns_hostnames = true
+  cidr_block           = "${var.vpc_cidr}"
+
+  tags = {
+    Name = "QED"
+  }
+}
+
+resource "aws_subnet" "qed" {
+  vpc_id                  = "${aws_vpc.qed.id}"
+  cidr_block              = "${var.public_subnet_cidr}"
+  map_public_ip_on_launch = true
+
+  tags = {
+    Name = "QED"
+  }
+}
+
+resource "aws_internet_gateway" "qed" {
+  vpc_id = "${aws_vpc.qed.id}"
+
+  tags = {
+    Name = "QED"
+  }
+}
+
+resource "aws_route" "qed" {
+  route_table_id         = "${aws_vpc.qed.default_route_table_id}"
+  destination_cidr_block = "0.0.0.0/0"
+  gateway_id             = "${aws_internet_gateway.qed.id}"
+}
+
+resource "aws_vpc_dhcp_options" "qed" {
+  domain_name         = "service.qed"
+  domain_name_servers = ["AmazonProvidedDNS"]
+
+  tags = {
+    Name = "QED"
+  }
+}
+
+resource "aws_vpc_dhcp_options_association" "qed" {
+  vpc_id          = "${aws_vpc.qed.id}"
+  dhcp_options_id = "${aws_vpc_dhcp_options.qed.id}"
 }
 
 resource "aws_key_pair" "qed" {
   key_name   = "qed"
   public_key = "${file("${var.keypath}.pub")}"
 }
 
-data "aws_subnet_ids" "all" {
-  vpc_id = "${data.aws_vpc.default.id}"
-}
-
 module "security_group" {
   source  = "terraform-aws-modules/security-group/aws"
   version = "2.11.0"
 
   name        = "qed"
   description = "Security group for QED usage"
-  vpc_id      = "${data.aws_vpc.default.id}"
+  vpc_id      = "${aws_vpc.qed.id}"
 
   egress_rules = ["all-all"]
 
@@ -101,7 +140,7 @@ module "prometheus_security_group" {
 
   name        = "prometheus"
   description = "Security group for Prometheus/Grafana usage"
-  vpc_id      = "${data.aws_vpc.default.id}"
+  vpc_id      = "${aws_vpc.qed.id}"
 
   egress_rules = ["all-all"]
 

diff --git a/deploy/aws/variables.tf b/deploy/aws/variables.tf
@@ -5,3 +5,13 @@ variable "aws_profile" {
 variable "keypath" {
   default = "~/.ssh/id_rsa_free"
 }
+
+variable "vpc_cidr" {
+  description = "CIDR of the VPC as a whole"
+  default     = "172.31.0.0/16"
+}
+
+variable "public_subnet_cidr" {
+  description = "CIDR of the public subnet"
+  default     = "172.31.1.0/24"
+}
diff --git a/tests/cloud/aws/main.tf b/tests/cloud/aws/main.tf
@@ -19,19 +19,62 @@ provider "aws" {
   profile = "${var.profile}"
 }
 
-data "aws_vpc" "default" {
-  default = true
+data "http" "ip" {
+  url = "http://icanhazip.com"
+}
+
+resource "aws_vpc" "qed-test" {
+  enable_dns_hostnames = true
+  cidr_block           = "${var.vpc_cidr}"
+
+  tags = {
+    Name = "QED-test"
+  }
+}
+
+resource "aws_subnet" "qed-test" {
+  vpc_id                  = "${aws_vpc.qed-test.id}"
+  cidr_block              = "${var.public_subnet_cidr}"
+  map_public_ip_on_launch = true
+
+  tags = {
+    Name = "QED-test"
+  }
+}
+
+resource "aws_internet_gateway" "qed-test" {
+  vpc_id = "${aws_vpc.qed-test.id}"
+
+  tags = {
+    Name = "QED-test"
+  }
+}
+
+resource "aws_route" "qed-test" {
+  route_table_id         = "${aws_vpc.qed-test.default_route_table_id}"
+  destination_cidr_block = "0.0.0.0/0"
+  gateway_id             = "${aws_internet_gateway.qed-test.id}"
+}
+
+resource "aws_vpc_dhcp_options" "qed-test" {
+  domain_name         = "service.qed-test"
+  domain_name_servers = ["AmazonProvidedDNS"]
+
+  tags = {
+    Name = "QED-test"
+  }
+}
+
+resource "aws_vpc_dhcp_options_association" "qed-test" {
+  vpc_id          = "${aws_vpc.qed-test.id}"
+  dhcp_options_id = "${aws_vpc_dhcp_options.qed-test.id}"
 }
 
 resource "aws_key_pair" "qed-benchmark" {
   key_name   = "qed-benchmark"
   public_key = "${file("~/.ssh/id_rsa.pub")}"
 }
 
-data "aws_subnet_ids" "all" {
-  vpc_id = "${data.aws_vpc.default.id}"
-}
-
 data "aws_ami" "amazon_linux" {
   most_recent = true
 
@@ -52,16 +95,12 @@ data "aws_ami" "amazon_linux" {
   }
 }
 
-data "http" "ip" {
-  url = "http://icanhazip.com"
-}
-
 module "security_group" {
   source = "terraform-aws-modules/security-group/aws"
 
   name        = "qed-benchmark"
   description = "Security group for QED benchmark usage"
-  vpc_id      = "${data.aws_vpc.default.id}"
+  vpc_id      = "${aws_vpc.qed-test.id}"
 
   ingress_cidr_blocks = ["${chomp(data.http.ip.body)}/32"]
   ingress_rules       = ["http-8800-tcp", "all-icmp", "ssh-tcp"]
@@ -95,7 +134,7 @@ module "ec2" {
   ami                         = "${data.aws_ami.amazon_linux.id}"
   instance_type               = "${var.flavour}"
   instance_count              = "${var.cluster_size}"
-  subnet_id                   = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id                   = "${aws_subnet.qed-test.id}"
   vpc_security_group_ids      = ["${module.security_group.this_security_group_id}"]
   associate_public_ip_address = true
   key_name                    = "${aws_key_pair.qed-benchmark.key_name}"
@@ -114,7 +153,7 @@ module "ec2-spartan" {
   name                        = "qed-benchmark-spartan"
   ami                         = "${data.aws_ami.amazon_linux.id}"
   instance_type               = "${var.flavour}"
-  subnet_id                   = "${element(data.aws_subnet_ids.all.ids, 0)}"
+  subnet_id                   = "${aws_subnet.qed-test.id}"
   vpc_security_group_ids      = ["${module.security_group.this_security_group_id}"]
   associate_public_ip_address = true
   key_name                    = "${aws_key_pair.qed-benchmark.key_name}"

diff --git a/tests/cloud/aws/variables.tf b/tests/cloud/aws/variables.tf
@@ -33,3 +33,13 @@ variable "profile" {}
 
 // Force choose cluster size
 variable "cluster_size" {}
+
+variable "vpc_cidr" {
+  description = "CIDR of the VPC as a whole"
+  default     = "172.31.0.0/16"
+}
+
+variable "public_subnet_cidr" {
+  description = "CIDR of the public subnet"
+  default     = "172.31.1.0/24"
+}